Alert close - icon Fill 1 Copy 10 Untitled-1 tt copy 3 Untitled-1 Untitled-1 tt copy 3 Fill 1 Copy 10 menu Group 3 Group 3 Copy 3 Group 3 Copy Page 1 Group 2 Group 2 Skip to content

Users of library services privacy notice

Privacy notice for users of library services.

Who controls your data

For any information held about you by Derbyshire libraries, the controller is Derbyshire County Council. We keep your information in an electronic library management system. But we still use paper for some things, such as the mobile library service.

Information we collect

In order to let you become a library member, we need a few basic details such as your name, your home address, your date of birth and, if you have them, an email address and telephone number.

Why we need your data and how long we keep it

We need your personal information so that we can fulfil a contract between you and us for the provision of the library service. If we do not know your basic details, we'll not be able to serve you effectively. You do not have to give us your information, but unless you do, you cannot become a library member, so most services will not be available to you.

We do not use your information to contact you about library events, or for any other marketing purposes, unless you specifically tell us you want that, for instance, by signing up for one of our email alerts. See our outreach privacy notice for more information.

We regularly check whether your personal data is up to date, but please tell us about any changes. We'll normally keep your reader record for one year after your library membership comes to an end. Even after your personal record is deleted, minimal information such as your postcode may remain among the data we use to generate usage statistics.

Sharing your information

Derbyshire libraries has joined up with other East Midlands library authorities in a consortium called EMLIB. If you choose to join a library run by our consortium partners, we will make your personal data accessible to their staff, subject to the EMLIB partnership agreement. All the partners use the same library management system, run by a company called Sirsi Dynix. That company is allowed to process a very limited amount of your data if we ask them to, for instance if there is a technical problem. This data sharing is also governed by a data sharing agreement.

Volunteers in council-run libraries have no access to the library management system and therefore no access to your data. Volunteers and staff in community managed libraries are given limited access to the system, meaning that the only personal data available to them is your name.

We do not ordinarily share your information with other services or organisations, unless the law requires. We can also make an exception in our legitimate interests. For instance, if we needed to take legal steps to recover overdue items from you, we'd pass your details to our legal services department. We keep records of attempts to recover our property for 6 years.

Otherwise, we'd only share your information with your consent. For instance, library members with visual impairments may allow us to share their details with a charity that arranges transport to the library.

Keeping your information safe

We are committed to protecting personal data and have data policies and procedures in place to ensure that it is safeguarded.

To find out about information security in relation to the Radio Frequency Identification (RFID) tags used on library books, see the document attached to this page.

You can also take simple steps to guard your own security:

  • do not share your library card number or passcode
  • always keep your library card in a secure place
  • keep your library books secure too - remember that your borrowing choices may reveal aspects of your private life

Your rights

Should you wish to raise any concerns about how we have processed your personal data you can contact the Data Protection Officer:

You also have the right to contact the Information Commissioner.

Who you can contact

Find out more about how we handle personal information.

If you need to complain, find ways of getting in touch, or come into your local library to speak to us.

The UK's regulatory body is the Information Commissioner's Office.